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(54) Tide: METHOD FOR PREVENTING USE OF SOFTWARE ON AN UNAUTHORIZED COMPUTER 



(57) Abstract 

A method for preventing use of software on an unauthorized 
computer. The software is programmed to encrypt and output to the 
user a validation number derived from information received by the 
software from the computer of one or more computer characteristics 
providing an unchangeable and unique computer identification. A 
second computer is operated for the software vendor to encrypt an 
activation number derived from the validation number and supplied 
to the user for input to the user's computer. The activation number 
includes one or more randomly-generated digits which, when a 
predetermined mathematical operation is performed thereon and on 
at least one of the digits of the validation number, yields a derived 
balance number. A preselected signature and other information is 
randomly scattered among randomly generated bytes along with a 
product identification number as a thumbprint/productprint which is 
encrypted by the balance number derived by the user's computer from 
the validation and activation numbers and which is on the hard disk 
drive of the user's computer. The software is authorized for use in 
the user's computer if the preselected signature is retrieved after the 
predetermined balance number is applied to decrypt the information 
including the preselected signature. 



USER COMPUTER 



10 



COMPUTER 
CHA RACTERIST ICS 



ACTIVATION COMPUTER 



ENCRTYPTED 
VALIDATION 
NUMBER 



44 



56 



46 



ENTER 
ACTIVATION 
NUMBER 



DERIVE 
BALANCE 
NUMBER 



64 



65 



ENCRYPT 
TP/PP WITH 
BALANCE NUMBER 



USER 



42 



rl 2 /" 

] PH | PH - 



rl 7 ^1 

\ PH | |PH - 



| 60 



ENCRYPTED 
ACTIVATION 
NUMBER 

^62 



56 



COMPUTER 



LOAD 
SOFTWARE 
PROGRAM 



120^ 
1 



DECRYPT TP/PP 



WITH PREDETERMINED 
BALANCE NUMBER I 



I 67 



EXECUTE 
SOFTWARE 



124 



HNSDOCID: <WO 9535533A1 J_> 




> 



FOR THE PURPOSES OF INFORMATION ONLY 



Codes used to identify States party to the PCT on the front pages of pamphlets publishing international 
applications under the PCT. 



AT 


Austria 


GB 


United Kingdom 


MR 


Mauritania 


AU 


Australia 


GE 


Georgia 


MW 


Malawi 


BB 


Barbados 


GN 


Guinea 


NE 


Niger 


BE . 


Belgium 


GR 


Greece 


NL 


Netherlands 


BF 


Burkina Faso 


HU 


Hungary 


NO 


Norway 


BG 


Bulgaria 


IE 


Ireland 


NZ 


New Zealand 


BJ 


Benin 


IT 


Italy 


PL 


Poland 


BR 


Brazil 


JP 


Japan 


PT 


Portugal 


BY 


Belarus 


KE 


Kenya 


RO 


Romania 


CA 


Canada 


KG 


Kyrgystan 


RU 


Russian Federation 


CF 


Central African Republic 


KP 


Democratic People's Republic 


SD 


Sudan 


CG 


Congo 




of Korea 


SE 


Sweden 


CH 


Switzerland 


KR 


Republic of Korea 


SI 


Slovenia 


CI 


Cdte d'lvoire 


KZ 


Kazakhstan 


SK 


Slovakia 


CM 


Cameroon 


LI 


Liechtenstein 


SN 


Senegal 


CN 


China 


LK 


Sri Lanka 


TD 


Chad 


cs 


Czechoslovakia 


LU 


Luxembourg 


TG 


Togo 


cz 


Czech Republic 


LV 


Latvia 


TJ 


Tajikistan 


DE 


Germany 


MC 


Monaco 


TT 


Trinidad and Tobago 


DK 


Denmark 


MD 


Republic of Moldova 


LJA 


Ukraine 


ES 


Spain 


MG 


Madagascar 


US 


United States of America 


FI 


Finland 


ML 


Mali 


uz 


Uzbekistan 


FR 


France 


MN 


Mongolia 


VN 


Viet Nam 


GA 


Gabon 











BNSDOCID: <WO 9535533A1_I_> 



WO 95/35533 



- 1 - 



PCT/CA95/00354 



METHOD FOR PREVENTING 

USE OF SOFTWARE ON AN UNAUTHORIZED COMPUTER 

The present invention relates generally to the 
prevention of unauthorized use of software. More 
particularly, the present invention relates to the 
preventing of a computer program from being executed on 
5 a computer system or computer network, other than one 
which has been previously authorized. 

As computer systems and software have 
proliferated, the problem of software piracy has also 
increased. A computer program is typically installed in 

10 a computer with a fixed disk or hard drive by 

transferring the program from a floppy disk or CD-ROM 
(purchased from a software publisher) to the fixed disk 
for subsequent use by the computer system. While the 
program may have originally been legitimately purchased, 

15 the purchaser may thereafter make copies for use by the 
purchaser or others in other computer systems or may 
simply use the floppy disk to install the software in 
other computer systems, without permission of the 
software publisher, thereby depriving the software 

20 publisher of the additional revenues of sale of 

additional 'software packages to which the publisher is 
entitled. Although back-up copies of software are 
normally considered desirable, it is also desirable for 
the financial health of the software industry that such 

25 "piracy" be stopped. 

Various techniques have been proposed for 
elimination or reduction of software piracy. Many of 
these techniques are described in U.S. patent 5,113,518 
to Durst, Jr. et al , which is incorporated herein by 

3 0 reference. Unfortunately, these techniques have met 

with only limited success as procedures have been found 
by the "pirates" or "hackers" for circumventing these 
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techniques . Some of these techniques may also be so 
inconvenient as to deter the customer from purchasing 
the software. For example, one such technique utilizes 
hardware in the form of a device called a "dongle" which 
5 is connected to the computer, and the software must 

confirm the presence of this device by means of a coded 
response before it can be activated. Such a device is 
described in U.S. patents 4,446,519; 4,562,306; 
4,685,055; and 5,182,770. However, this undesirably 
10 requires the purchase by the customer of such a device 
for each new software package which is purchased. 
Further, this technique can be defeated by discovery the 
correct coded response and providing it through a 
modification of the program. 
15 As pointed out in Durst, Jr. et al , the 

problem is not so much in the act of copying the 
software package as it is in the use of copies of the 
software on various computer systems without 
compensating the publisher for the right to use those 
20 copies. It is therefore a primary object of the present 
invention to prevent a computer program from being 
executed on an unauthorized computer system. 

Durst. Jr. et al discloses a technique for 
preventing a computer program from being used by a 
25 computer system other than a designated system. The 
values of certain characteristics exhibited by the 
. designated computer system first are stored, and then 
the values of those same characteristics exhibited by 
the computer system which is intended to use the 
3 0 computer program are measured and compared to the stored 

values. If the compared values are substantially the ? 
same, the computer program may be executed. However, if 
they are different, the computer system which was 
intended to use the program is inhibited from executing 
35 that program. These characteristics are disclosed to be 
one or more, and preferably at least two, of the 
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following: an identification of the processor included 
in the computer system, the clock speed of the clock 
generator included in that system, an identification of 
the ROM normally provided with the processor, the wait 
5 time assigned to the processor for accessing a RAM, the 
actual rotary speed of a disk drive normally provided 
with the computer system, the access speed of that disk 
drive, and the sector interleave value of that disk 
drive . 

10 Inherent characteristics such as proposed in 

Durst. Jr. et al have a tendency to have no current 
uniqueness (although perhaps unique at one time, 
standardization may have resulted in non-uniqueness, for 
example, there is now a standard disk drive speed) , or 

15 the characteristics may change over time undesirably 

making the software unavailable on the computer on which 
it is originally installed. Furthermore, the values of 
the characteristics are stored in the software to be 
compared with the values of characteristics of a 

20 computer on which the software is to be used. This has 
the disadvantage of being easy to circumvent since the 
values are stored in a known location in all programs, 
thus being accessible to every level of programmer. 

U.S. patent 4,740,890 to William discloses the 

25 use of. a remote computer to provide unlocking codes 

derived from master lists or algorithms. In the field 
. of radio- frequency transmission of data, data security 
has been maintained by the use of coded transmission 
utilizing a pair of numbers wherein a plurality of 

30 randomly- generated digits in one number has a 

mathematical relationship to the other number so as to 
yield a prime number for coding the transmission, and 
the same prime number is used for decoding the 
transmission. 

35 As discussed in U.S. patent 4,319,079 to Best , 

various encryption systems have been developed to 
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provide data security within data processing systems. 
However, computer- aided techniques for breaking codes 
are becoming more sophisticated. 

Techniques have also been proposed for 
5 activating software remotely. For example, U.S. patent 
5,222,134 to Waite et al discloses such a technique 
wherein a computer is provided with a registration 
shell, and a data link is established between the 
computer and a registration computer. By providing the 

10 registration computer with various information, a 

potential licensee can register to utilize the program. 
Once the registration process is complete, a 
tamper -proof overlay program is constructed at the 
registration computer and transferred to the user's 

15 computer. The overlay includes critical portions of the 
main program, without which the main program would not 
operate. This process undesirably requires a modem on 
the user's computer. 

U.S. patent 5,199,066 to Logan, which is 

20 incorporated herein by reference, discloses a method and 
system for protecting a software program recorded within 
a storage medium for use with or transmission to 
computer or processor based hardware. A hardware code 
uniquely associated with the particular hardware and a 

25 first software code uniquely associated with the 

particular embodiment of the software are inputted. The 
. hardware code is stated to be the numeric serial number 
of the hardware upon which the program is to operate. 
It is further stated that, in the case of some computers 

30 and some storage media, the program may have the ability 
to recall or otherwise obtain and input the software 
serial number and possibly the hardware serial number 
without any specific action by the user. A first 
predetermined operation is performed upon the hardware 

35 code and the first software code to produce an 

intermediate code. A unique activation code obtained 
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from the software supplier is inputted and a second 
predetermined operation is performed upon the 
intermediate code and the activation code to produce a 
second intermediate code. The second intermediate code 
5 is compared to a second software code uniquely- 
associated with the particular embodiment of the 
software and stored in a hidden location within the 
software. The use of the software is enabled only if 
the second intermediate code and the second software 

10 code are identical. By a formula, the hidden software 
code changes each time the software is copied, for 
example, by the addition of 7 each time. To obtain the 
activation number, the user must provide to the software 
supplier the serial numbers of the hardware and the 

15 software and the number of copies which have been made. 
The software supplier may have a "hot line" phone to 
permit the user to obtain the activation code. 

The Logan method relies on hiding a software 
code in a hidden location within the software. Thus, 

20 this code undesirably is within access by the user to 

allow formulation of an activation code (without making 
a telephone call to legitimately obtain it) and 
subsequent installation of the software to be achievable 
if the hidden code is located and the process then 

25 reverse -engineered. The hardware code which is used to 
generate the activation code is actually whatever number 
. is inputted by the user and given to the supplier by the 
user. Since the software is not required to confirm 
that the activation number is based on the serial number 

30 of the specific computer to be authorized, the 
activation code which is supplied will allow 
installation of the software on any computer. 

Various other techniques for preventing 
unauthorized software use are disclosed in U.S. patents 

35 4,829,296; 4,866,769; 4,593,353; 4,683,553; 4,796,220; 
5,263,157; 5,287,408; 5,311,591; and 5,293,422. 
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The above software -protection techniques can 
either be circumvented or rely on codes that can be 
broken or are so inconvenient to the customer that the 
competitive position of the software publisher suffers. 
5 It is accordingly an object of the present 

invention to provide for authorization of a particular 
computer system or network by means of a technique for 
uniquely identifying the computer system or network so 
that the identification doesn't change over time whereby 
10 the software does not become unavailable on the 
authorized computer system or network. 

It is a further object of the present 
invention to provide an easy and convenient means for 
activation of a software package on a particular 
15 computer system or network by a customer. 

It is yet another object of the present 
invention to provide activation of a software package on 
a particular computer or computer network by means which 
cannot be discovered and copied by even computer-aided 
20 reverse engineering. 

It is a still further object of the present 
invention to provide activation of a software package on 
a particular computer inexpensively and quickly. 

In accordance with the present invention, a 
25 method is provided for preventing use of software on an 
unauthorized computer wherein the software is programmed 
. to generate and output to the user of a computer a first 
or validation number derived from one or more of the 
following computer characteristics: serial number of 
30 the hard disk, the BIOS data from ROM f the number of 

sectors per track of the hard disk, the number of heads 
of the hard disk, and the number of cylinders of the 
hard disk. A second or activation number derived from 
the first number is encrypted by operation of a second 
35 computer at a remote location inaccessible to the user 
for input to the user's computer to allow use of the 
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software on the user's computer. The second number 
includes one or more randomly generated digits which, 
when a predetermined mathematical operation is performed 
thereon and on at least one of the digits of the 
5 validation number, yields a derived balance number. 
This derived balance number is used in the user' s 
computer to encrypt a thumbprint of the computer 
characteristic including a preselected signature and a 
productprint . When the computer program is to be 

10 executed, the software decodes the thumbprint and 

productprint using a predetermined balance number* If 
the derived balance number is equal to the predetermined 
balance number, the program will execute. Otherwise, it 
will not execute. 

15 The above and other objects, features, and 

advantages of the present invention will be apparent in 
the following detailed description of the preferred 
embodiments thereof taken in conjunction with the 
accompanying drawings wherein the same reference 

20 numerals denote the same or similar parts throughout the 
several views . 



Brief Description of the Drawings 

Fig. 1 is a perspective view of a personal 
25 computer and a floppy disk within which is stored a 
computer program wherein the computer is to be 
authorized for use of the program therein in accordance 
with the present invention. 

Fig. 2 is a generally diagrammatic view 
30 illustrating the hard disk drive therefor. 

Fig. 3 is a generally diagrammatic view 
illustrating the software activation process which 
embodies the present invention. 

Fig. 4 is a block diagram of the process. 
35 Fig- 5 is a flow diagram therefor. 
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Fig. 6 is a flow diagram of a process for 
generating a validation number therefor. 

Fig. 7 is a flow diagram of a process for 
generating from the validation number an activation 
5 number. 

Fig. 8 is a flow diagram for execution of the 

software . 

Fig. 9 is a flow diagram of the entering of 
the activation number by the user. 
10 Fig. 10 is a flow diagram of generation of a 

thumbprint in the computer. 

Fig. 11 is a diagrammatic view illustrating 
the thumbprint format in the computer. 

Fig. 12 is a view similar to that of Fig. 11 
15 illustrating the productprint format in the computer. 

Fig. 13 is a diagrammatic view of the 
thumbprint /productprint areas illustrating scrambling of 
the thumbprint. 

Fig. 14 is an enlarged view of the thumbprint 
2 0 area of Fig. 13. 

Fig. 15 is a view similar to that of Fig. 3 
illustrating an alternative embodiment to the present 
invention. 

Fig. 16 is a flow diagram similar to that of 
25 Fig. 6 illustrating an alternative method of generating 
the validation number. 

Fig. 17 is a flow diagram similar to that of 
Fig. 7 illustrating an alternative method of generating 
the activation number. 

30 

Detailed Description of the Preferred Embodiments 

Referring to the drawings, there is shown in 
Fig. 1 a typical personal computer 10 of a type well 
known in the art and commercially available from a 
35 variety of manufacturers, for example, IBM Corporation. 
The personal computer 10 includes a standard keyboard 
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12, a standard cathode ray tube (CRT) or screen 14, and 
a pair of floppy disk drives 16. The keyboard 12 is 
employed to facilitate communication between an 
individual user, illustrated at 40 in Fig. 3, and the 
5 computer 10 in a manner which is generally well known in 
the computer art. The CRT 14 also functions in a manner 
well known in the computer art for displaying 
information inputted through the keyboard 12 as well as 
information outputted by the inner workings of the 
10 computer 10. The disk drives 16 are employed in a 

manner well known in the computer art for receiving one 
or more floppy disks to facilitate the loading or entry 
of computer software or programs stored within a floppy 
disk into the computer 10. A typical floppy disk 18 is 
15 illustrated in Fig. 1. As used herein, the terms, 

"program," "computer program, " "software" and "software 
program" are interchangeably used to mean a series of 
instructions which are used to control the operation of 
computer hardware or other computer-based or 
20 process -based hardware. The reference numeral 18 will 
be used herein to refer interchangeably to the floppy 
disk as well as the program contained thereon. 

While in the present description of a 
preferred embodiment of the invention, a personal 
25 computer 10 is shown and described, it will be 

appreciated by those skilled in the art that the present 
invention may be employed in conjunction with any other 
type of computer, including standard computers such as a 
microcomputer, a mini -computer, a main- frame computer, a 
30 computer network, and/or special purpose computers. In 
addition, the present invention may be employed in 
connection with any other type of computer or 
processor -based hardware such as computer or processor 
controlled machinery or equipment. By "computer 
35 network" is meant a plurality of computers which 
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communicate via a client server, peer- to- peer, or the 
like. 

Likewise, while in connection with the 
description of the presently preferred embodiment, the 
5 computer program or software is illustrated as being 
stored within a floppy disk 18, it will be appreciated 
by those skilled in the art that the program or software 
could alternatively be stored in any other type of 
storage medium, for example, a different magnetic 

10 medium, such as a CD-ROM drive, a hard disk drive, 
magnetic tape, etc.; a semiconductor based storage 
medium, such as a random access memory (RAM) , a read 
only memory (ROM) , a programmable read only memory 
(PROM), etc.; or a nontraditional storage medium, such 

15 as a digital audio or video tape or disk or network of 
storage devices. Accordingly, it should be clearly 
understood that the present invention is not limited to 
the particular computer hardware 10 or storage medium 18 
used to illustrate the preferred embodiment of the 

2 0 invention. 

Referring to Fig. 2, there is illustrated at 
20 a fixed or hard disk drive for computer 10 which 
includes a multiplicity of platters 22 rotatable about a 
hub 24. Each platter 22 contains a plurality of 

25 concentric circular tracks 26 each containing a 

plurality of sectors 28 used for storage of digital 
. information. Although there are physically fewer 
sectors 28 in the tracks 26 closer to the hub 24, the 
hard drive controller, illustrated at 32, manages the 

30 space so that, as seen by the computer 10, there are on 
average typically 17 sectors 28 per track 26. Each 
platter 22 is two-sided and has on each side a 
read/write head 3 0 which magnetically stores onto and 
reads digital information from the platter 22. 

35 For a track 26, there is a similarly situated 

track on the opposite side of its platter 22 and on each 
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of the sides of the other platters, which multiplicity 
of tracks together is defined herein as a cylinder, 
illustrated at 34. A cylinder 34 is a logical ordering 
so that the controller 32 can simultaneously write to 
5 both sides of each of a multiplicity of platters 22. 

Referring to Figs. 3 and 4, in accordance with 
the present invention, when a purchaser 40 of a 
publisher's software package 18 wishes to use the 
software on the computer 10, the software requires that 
10 it first be authorized. The software 18 is embedded 
with a program which prevents use of the software (or 
copies thereof) on a computer unless authorization is 
obtained for use on the particular computer. In a 
computer network, a maximum number of concurrent users 
15 may be authorized for use of the software, as described 
hereinafter. 

The program 18 encrypts from one or more 
computer characteristics, as indicated at 42, a first or 
validation number, as indicated at 44, which appears on 
20 the computer screen along with instructions for 

obtaining a second or activation number for inputting to 
the computer 10, as indicated at 46, for executing the 
software 18, as indicated at 48. 

In order that there be minimal inconvenience 
25 to the user 40, he or she is preferably instructed to 

call an "800" or the like phone number at an activation 
. center, illustrated at 61, at another location (remote 
location) which is provided as a service to the 
publisher of the software 18. Thus, phones 52 and 54 
30 respectively are used to orally communicate the 

validation number (and other information to be described 
hereinafter) over phone line 56 to the activation center 
operator 50 who then inputs via keyboard 58 the 
validation number to a second computer 60, which may be 
35 similar to computer 10 or another suitable conventional 
computer. This number is then used by the program 63 in 
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computer 60 to generate and encrypt an activation 
number, as indicated at 62. The reference numeral 63 
refers to a hard disk drive in computer 60 as well as a 
program stored thereon. The activation number is 
5 generated to be related to the validation number so that 
a number, herein called a "derived balance number, " may 
be derived therefrom, as hereinafter discussed. The 
activation number is then provided by the operator 50 to 
the user 40 over phone line 56, who then inputs it to 

10 computer 10 by means of keyboard 12 . The software 

program 18 then utilizes the validation and activation 
numbers, as indicated at 64, to obtain the derived 
balance number. If the validation and activation 
numbers have been correctly generated and inputted to 

15 the user's computer, the derived balance number will be 
equal to a predetermined balance number. This derived 
balance number is then used to encrypt a thumbprint of 
the computer characteristics including a preselected 
signature (TP) and a productprint (PP) , as indicated at 

20 65. For the software to be executed, as indicated at 
124, the program is loaded to the hard disk 20, as 
indicated at 120, and the thumbprint and productprint 
are decrypted using the predetermined balance number, as 
indicated at 67. It is envisioned that, with CD-ROM or 

25 some other medium, the software program may not be 

loaded to the hard disk. If the preselected signature 
is retrieved, the program 18 proceeds with execution of 
the software, as indicated at 48. 

As used herein and in the claims, a 

30 "predetermined balance number" is a number which is 
embedded in the software 18 or otherwise provided to 
decrypt the preselected signature, and a "derived 
balance number" is a number which is derived 
mathematically from the validation and activation 

35 numbers for encrypting the signature. As used herein 
and in the claims, a "signature" or "preselected 
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signature" is information in the form of a preselected 
set of digits or characters which the software 18 is 
programmed to recognize or locate upon use of a 
decryption process using the predetermined balance 
5 number in order that the software be authorized for use. 
Therefore, if the derived balance number is the same as 
the predetermined balance number, the signature will be 
correctly encrypted and can as a result be decrypted by 
the predetermined balance number to yield the 
10 preselected signature whereby the program may be 

executed. Otherwise, the preselected signature cannot 
be found and the program will not execute. 

Referring to Fig. 15, there is illustrated an 
alternative embodiment wherein person-to-person phone 
15 communication over telephone line 56 is replaced by 

modem-to-modem communication. Thus, modems 53 and 55 
may be provided for computers 10 and 60 respectively for 
transmitting and receiving the needed information. 

Fig. 5 illustrates in greater detail at 65 the 
20 process for activation of the software 18. As 

illustrated therein, the user 40 begins the process by 
inserting the diskette or CD-ROM or the like containing 
the software 18 in the respective drive 16. 
Alternatively, the user may have previously down- loaded 
25 (by modem) an embedded software package from a computer 
bulletin board service or other electronic distribution 
service. In this case, the software will be residing on 
the hard disk drive, awaiting activation. In all cases, 
the user selects the "activate" or "install" option. 
30 The software application code then checks for previous 
activation of this software package 18 on this 
particular computer system 10, i.e., is there a valid 
thumbprint /productprint (TP/PP) for this product. If 
"yes," the program may proceed with installation or re- 
35 installation of the software 18 without a call to the 
activation center. If "no," a first screen appears 
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which greets the user 40 in the publisher's name and 
prompts the user to exit or to proceed with software 
activation. 

If the user elects to proceed with software 

5 activation, the application code reads the system 

characteristics, which will be discussed hereinafter, 
and a second screen appears showing the publisher's 
name, product and version, customer identification, and 
product identification. The user is then requested to 

10 enter the publisher's product serial number after which 
it is validated for transcription errors. The user is 
requested to have basic demographic information 
available before making a "1-800," "1-900," "DDD, " or 
the like telephone call to the activation center 61 and 

15 is then requested to call the activation center 61. 

At the activation center 61, the operator 50 
requests the customer's identification number, the 
product identification number, and published product 
serial number and displays the customer screen. The 

20 operator then receives and enters this information in 

the activation center computer 60. The last two digits 
of each of these numbers are check digits, determined in 
accordance with principles commonly known in the art to 
which this invention pertains, by means of which the 

25 program 63 checks whether the numbers are valid numbers. 
The operator may then receive and enter demographic 
. information from a new customer or updated demographic 
information from an existing customer. The program 18 
then proceeds to generate from the system 

3 0 characteristics a validation number which then appears 

on the screen. The operator 50 then requests and enters 
the validation number in the activation center computer 
60, and the program 63 in the activation center computer 
proceeds to generate an activation number, as described 

35 hereinafter. This activation number is then relayed by 
phone from the operator 50 to the user 40, who then 
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enters the information in computer 10. As previously 
discussed, this information may alternatively be 
transmitted back and forth by modem-to-modem 
communication. After deriving the balance number, the 
5 program 18 then "writes" the product identification, the 
computer characteristics, and the preselected signature 
in the form of a thumbprint /productprint (TP/PP) 
encrypted by the derived balance number, as described 
hereinafter, to the hard disk drive 20. If the 
10 activation number is not a correct number to generate a 
derived balance number which is the same as the 
predetermined balance number, then the TP/PP will be 
encrypted and written using a different number, and the 
preselected signature will not be found when 
15 subsequently applying the decryption process using the 
predetermined balance number. As a result, future 
efforts to execute previously authorized computer 
programs on this computer system will be unsuccessful. 
The screen will then prompt the user to proceed with 
2 0 installation of the computer program or to exit. If the 
user selects "proceed", the publisher package 
installation proceeds, and, when complete, the user 
system returns to the operating system prompt. 

If the system characteristics on which the 
25 validation number is based have a tendency to change 
over time or are not sufficiently unique, as are the 
. characteristics disclosed in the Durst, Jr. et al 
patent, then authorization of a computer may be 
unreliable in that the authorization may be lost if the 
30 characteristics change or the software may not reliably 
be prevented from use on an unauthorized computer 
system. Thus, the characteristics of the computer 
system on which the validation number is based are 
chosen to be unique and unchanging so that subsequent 
35 program execution on the same computer system is 
seamless yet attempts to execute the program on a 
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different computer system will result reliably in the 
program being prevented from executing without a further 
authorization from the activation center. A suitable 
set of computer characteristics (32 bytes) , which are 
5 available on standard industry hardware by accessing 
various interrupts and direct read functions in 11 C" 
language, using principles commonly known to those of 
ordinary skill in the art to which this invention 
pertains, are the serial number of the hard disk 20 (20 

10 bytes), the BIOS data from ROM (read only memory), i.e., 
the date (MM/DD/YY) the system board for computer 10 was 
manufactured (8 bytes) , and disk information consisting 
of the number of sectors 28 per track 26 (1 byte) , the 
number of heads 30 (1 byte) , and the number of cylinders 

15 34 (2 bytes) . It should be understood that the set of 
characteristics may be less than the above as long as 
the desired uniqueness is obtained. For example, the 
serial number of the hard disk 20, which includes a 
unique manufacturer identification number, may be 

20 sufficient. For another example, the combination of the 
BIOS data and the hard disk information may be 
sufficient. 

Hereinafter, specific processes for generation 
of the validation and activation numbers, along with 

25 examples, will be provided. It should be understood 
that various variations may be made in these specific 
processes. Thus, neither the specific process steps nor 
the examples should be viewed as limiting the present 
invention but are instead to be taken as exemplary 

30 thereof. 

Referring to Fig. 6, after the program 18 
retrieves internal characteristic information, as 
indicated at 70, these 32 bytes of information are 
reduced to 4 internal random bytes (for example, A* !0) , 
35 as indicated at 72, by the conventional technique of a 
recursive modulus 256 check-sum procedure, a technique 
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commonly known to those of ordinary skill in the art to 
which this invention pertains* Each of the four bytes 
correspond to numbers between 0 and 255, for example, 
61 , 128, 85 , 40. The reduction in the number of bytes 
5 is primarily to reduce the volume of information to be 
transmitted over the phone by the user and operator. 
However, with modem-to-modem communication, as 
previously discussed relative to Fig. 15, it may be 
unnecessary to reduce the 32 bytes to 4 since 

10 convenience of the user and operation would no longer be 
a consideration. 

As indicated at 74, 5 check digits are 
calculated from these four bytes by a conventional 
weighted technique wherein the summation of the products 

15 of the bytes and weighted numbers, using the weighting 
2, 3, 4, and 5 respectively, is divided by 10, and the 
remainder is the first check digit Thus, D 1= 2 as 

follows: 

20 [5 (61) +4 (128) +3 (85) +2 (40) ] /10 

= 115, remainder 2 

Check digit Dj is appended to the four bytes, i.e., 61, 
25 12 8, 85, 40, 2, for calculation of check digit D 2 , and 

the summation of the products of the bytes (with D x ) and 
numbers 2, 3, 4, 5, and 6 (shifted to the right) 
respectively is divided again by 10, and the remainder 
is the second check digit D 2 . Thus, D 2 =0 as follows: 

30 

[6 (61) +5 (128) +4 (85) +3 (40) +2 (2) ] /10 
= 147, remainder 0 

35 The remaining check digits D 3 , D 4 , and D 5 may be 

calculated similarly with "shifting to the right" 
occurring for each check digit. As illustrated at 76, 
these check digits are placed in an intermediate storage 
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buffer to await the generation of 5 random digits, as 
hereinafter discussed. 

Meanwhile, as indicated at 78 # the program 18 
generates the 5 random digits R x to R 5 . As indicated at 
5 80, these random digits R, to R 5 are added respectively 
to the check digits D x to D 5 ( and any resulting digit in 
the 10s column dropped) to obtain a set of digits C x to 
C 5 . For example, assuming D, to D 5 = 3, 5, 1, 9, 2, and 
to R 5 = 8, 3 ; 6, 2, 5, C, to C 5 are calculated as 
10 follows: 



15 



20 



3 


5 


1 


9 


2 


Di 


to 


D 5 


8 


1 


6 


2 


5 




to 




1 


8 


7 


1 


7 


c, 


to 


c 5 



As indicated at 82, the digits C, to C 5 and the 
random digits R x to R 5 are assembled as R^.. R 5 , C x . . . C 5# 
i.e. , 

8362518717 



As indicated at 84, two check digits C 6 and C 7 
25 are calculated similarly as discussed for check digits D l 
to D 5 . Thus, C 6 is calculated by summing the products of 
the 10 digits and 2, 3, 4, 5, 6, 7, S, 9, 2, 3 
respectively and dividing by 10, the remainder being C 6 
which, in this example, is 6, as follows: 

30 . 

[2 (7) +3(1) +4 (7) +5 (8) +6(1) +7 (5) +8 (2) +9 (6) +2 (3) +3(8)]/l0 
= 22 , remainder 6 . 

35 

Using the resulting 11 digit number and shifting to the 
right, check digit C7 = 8, as follows: 



40 [2 (6) +3 (7) +4(1) +5 (7) +6 (8) +7(1) +8 (5) +9 (2) +2 (6) +3 (3) 

+4(8)3/10 = 23, remainder 8. 



BNSDOCID: <WO 9535533A1 J_> 



WO 95/35533 



# 

- 19 - 



PCT/CA95/0O354 



As indicated at 86, random numbers R x to R 5 , 
digits Cx to C 5 , and the check digits C 6 and C 7 are 
assembled into the validation number Rj... R 5 , Cj... C 5 , 
C 6 , C, which, in the example, is: 

5 

Validation no:83625187176 

8 

10 Thus, the resulting pseudo- random validation 

number generated by the program 18 in the user's 
computer 10 comprises digits which are meaningless to 
the user and have no meaning relative to the computer 
characteristics, except that the computer 

15 characteristics can be derived therefrom by means of a 
program which traces backwardly the validation code to 
the original 32 bytes. Since the process is pseudo- 
random, the derivation of such a program by a hacker is 
not envisioned. By re -calculation of check digits C 6 and 

20 C 7 , the activation computer 60 can confirm that the 

validation number provided by the user 40 is a correct 
and not a fabricated or incorrectly given validation 
number. 

Referring to Fig. 16, there is illustrated an 
25 alternative method of generating the validation number 
which allows the authenticity of the customer and 
product identification and the product serial no. to be 
checked for relational correctness and whether the 
information given over the phone corresponds to what is 
30 entered in the computer 10. Often, the product 

identification and product serial numbers are within a 
range of numbers, permitting a further check on their 
correctness . 

As indicated at 200, the customer and product 
35 identification numbers, the publisher's serial number, 
and the preliminary validation number (including check 
digits) are first assembled into a number (customer 
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ID....C7), the preliminary validation number in this 
embodiment being defined to be the same as the 12 -digit 
validation number previously discussed. This assembled 
number is then used to generate from all of the bytes 
5 thereof two check digits C 8 and C 9 , as indicated at 202, 
in a manner as previously discussed for generation of 
check digits. As indicated at 204, the resulting number 
with these check digits appended (customer ID....C 9 ) is 
then summed. Two more check digits C 10 and C u are then 

10 generated based on the sum, as indicated at 206, again 
using similar principles for check digit generation. 
The check digits C 8 , C 9 , C 10 , and C n are appended to the 
preliminary validation number to obtain a final 
validation number (Ri...R 5 , C x . . . .C u ) , as indicated at 

15 208. 

At the activation center, the check digits C 8 
to C n will be used to determine if the information given 
by the user checks, i.e., the activation center will 
double- check to determine if the user really gave the 

20 correct information. 

Unless otherwise noted, the term "validation 
number" will refer in this specification to the 12 -digit 
validation number but may refer in the claims to either 
validation number or another suitable validation number. 

25 Referring to Fig. 7, there is indicated the 

process of generation of the nine digit activation 
number Aj to A*, by program 63 in the remote activation 
computer 60. As indicated at 90, after the validation 
number is inputted, the check digits C 6 and C 7 are re- 

3 0 calculated and compared with the corresponding digits in 
the validation number as supplied over the phone by the 
user to confirm the validation number as a correct one 
which has not been fabricated or incorrectly given by 
the user. 

35 As indicated at 92, the sum of the digits of 

the validation number is calculated, this sum being a 
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number which is defined herein as "Balance 1." Thus, in 
this example, 

Balance 1 = 8+3+6+2+5+1+8+7+1+7+6+8 = 62 

5 

It should however be understood that Balance 1 may be 
obtained from the validation number by any other 
suitable mathematical process. 

10 As indicated at 94, digits A^ A$, and A 7 are 

calculated from the validation number as follows. A 2 is 
set equal to the unit's value of balance l, and A$ is set 
equal to the ten's value thereof. Thus, in the example, 
A 2 = 2 and A* = 6. The digits R,... Rs, C x ... C 5 are 

15 multiplied respectively by 1, 2, 4, 8, 16, 32, 64, 128, 
256, 512 (hexadecimal weighting, i.e., the digits being 
multiplied respectively by a set of numbers with each 
being double the preceding number, beginning with 1) , 
and the summation of the products is divided by 10, the 

20 remainder being A 7 . Thus, A 7 = 4, calculated as follows: 

[1(8) +2 (3) +4 (6) +8 (2) +16 (5) +32(1) +64 (8) +128 (7) 
+256 (1) +512 (7) ] /10 = 541, remainder 4 

25 

As indicated at 96, three random digits a, b, 
and c are generated by the program 63 . A number d is 
calculated as a(b)+c, as indicated at 98. As indicated 
at 100, if d is greater than or equal to a predetermined 

30 balance number, d is subtracted from Balance 1, 

giving e. Otherwise, d is added to Balance 1, giving e. 
As indicated at 102, if the result e is not equal to the 
predetermined balance number, a new set of 3 random 
digits is generated and steps 96, 98, and 100 re-applied 

35 until a set of 3 digits a, b, and c is randomly selected 
such that e is equal to the predetermined balance 
number. The number d for those three digits (wherein, e 
= the predetermined balance number) is defined herein as 
"Balance 2," and those three digits a, b, and c are set 
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equal to A 1# and Aj respectively, as indicated at 104. 
It should be understood that Balance 2 may be obtained 
from the three (or other suitable number) of 
randomly -generated digits by any other suitable 
5 mathematical process. Thus, Balance 2, in this example, 
is equal to Balance 1 less the predetermined balance 
number, i.e., Balance 2 = 62 - 5 = 57. 

It is preferred that the predetermined balance 
number be a prime number such as, in the example, 5, 

10 since a factorable number is weak mathematically so that 
the code may be more easily cracked. More preferably, 
the prime number is a higher number such as a 2, 3, or 4 
digit prime number since more digits of information are 
involved, making any effort to determine the 

15 predetermined balance number even more difficult. 

With e = 5, a random set of values for a, b, 
and c may be 7, 8, and 1 respectively whereby A,, A 3 , and 
Aj are 8, 7 , and 1 respectively. This is because 
Balance 2 =7(8) +1=57, and 

20 e = Balance 1 - Balance 2 = 62 - 57 = 5. 

As indicated at 106, a determination is made 
whether Balance 1 is greater than or equal to the 
predetermined balance number e. If Balance 1 is less 
than the predetermined balance number, 5, then A4 is set 

25 to a random number of 0 to 4, as indicated at 108. If 
Balance 1 is greater than or equal to the predetermined 
balance number, 5, as it is in the example, then A4 is 
set to a random number of 5 to 9 . For example, A* may be 
set randomly to 6. 

3 0 As indicated at 112, the digits A 1 to A 7 are 

then assembled, as follows: 

8 2 7 6 1 6 4 



35 



Similarly as check digits C 6 and C 7 were 
calculated for the validation number, check digits Ag and 
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are calculated for the activation number; as indicated 
at 114, except the multipliers of A x to A 7 and then A x to 
Ag begin with different digits, i.e., 7 and 8 
respectively. Thus, in the example, A 8 = 6 as follows: 

5 

[7 (4) +8 (6) +9 (l)+2 (6) +3 (7) +4 (2) +5 (8) ] /10 
= 16, remainder 6 

10 Ag=G as follows: 

[8 (6) +9 (4) +2 (6) +3 (l)+4(6)+5 (7) +6 (2) +7(8) ] /10 
= 22, remainder 6 

15 

As illustrated at 116, the activation number A t 
to A9 is assembled and displayed on the screen to the 
operator 50, as follows: 

20 

827616466 

This number is delivered over the phone, by modem, or 

25 otherwise to the user for inputting to computer 10. 

Referring to Fig. 17, there is illustrated an 
alternative method of generating the activation number, 
which allows a greater check on the authenticity of the 
digits thereof. After assembly of the preliminary 

30 activation number, as illustrated in Fig. 7 and 

indicated at 116, this assembled number is then used to 
generate from all of the bytes thereof two check digits 
A 10 and A n , as indicated at 250, in a manner as 
previously discussed for generation of check digits. As 

35 indicated at 252, the resulting number with these check 
digits appended (A!....A n ) is then summed. Two more 
check digits A 12 and A 13 are then generated based on the 
sum, as indicated at 254, again using similar principles 
for check digit generation. The check digits A 10 , A n , 

40 A 12 , and A 13 are appended to the preliminary activation 

number to obtain a final activation number, as indicated 
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at 256. "When the final activation number is inputted to 
the user's computer, the program will utilize these 
additional check digits to determine if the activation 
number is a correctly generated number, 
5 Unless otherwise noted, the term "activation 

number" will refer in this specification to the nine- 
digit activation number but may refer in the claims to 
either activation number or another suitable activation 
number . 

10 As with the validation number, the resulting 

pseudo- random activation number generated by the program 
63 in the remote computer 60 comprises digits which are 
meaningless to the user and have no meaning relative to 
the validation number, which is also meaningless to the 

15 user. If, however, the user were to successfully 

generate an activation number which would cause the 
TP/PP to be encrypted and written, the TP/PP cannot 
thereafter be decrypted to retrieve the preselected 
signature for execution of the software unless the 

2 0 random digits were also selected to give a derived 

balance number which is the same as the predetermined 
balance number. 

The activation number is given over the phone, 
modem, or the like to the user 40 and inputted to the 
25 computer 10 being authorized. The program 18 then 
generates a derived balance number and causes the 
customer and product identification, computer system 
unique characteristics, and the preselected signature to 
be written on the hard disk drive 20 as the 

3 0 thumbprint /productprint (TP/PP) , encrypted by use of the 

derived balance number, as described hereinafter, 
preferably in several locations to facilitate data 
integrity/recovery across all operating systems, i.e., 
DOS, Windows, OS/2, and the like: (1) one or more 
35 locations in the root of the hard disk drive 20, i.e. a 
non-hidden file in the directory, (2) track 0 of the 
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first cylinder 34, i.e., a hidden file, and <3) several 
(perhaps 3) locations on the diagnostic cylinder, i.e. 
hidden files. By "hidden files" is meant that there is 
no directory in the system which indicates their 
5 existence. The information is also written to several 
different locations as a back-up, i.e., in case it gets 
inadvertently deleted at one or more locations. There 
are situations where it may be desirable to recover the 
information. For example, during unloading and 

10 reloading, the "non-hidden file" and its root directory 
will be recovered, i.e., rewritten. Therefore, it is 
desirable that the information be written to the root 
directory even though it is not a hidden file. 

Referring to Fig. 8, for execution of the 

15 software package 18, the user "runs" the software, as 
indicated at 120, and the "executable" code portion 
thereof checks for whether a valid 

thumbprint /productprint (TP/PP) exists on the hard disk 
drive 20, as indicated at 122. If a valid TP/PP has 

20 been written to the hard disk drive 20, the software 
executes, as indicated at 124. A wrapper in each 
software package may have several "enabling" function 
calls to the embedded, encrypted "code." However, if a 
valid TP/PP does not exist, then the software causes the 

25 computer screen to display a message prompting the user 
to insert the activation/ installation diskette, CD ROM, 
or the like medium in order to activate, as indicated at 
126. If the medium is inserted, the activation process 
begins, as indicated at 12 8. Otherwise, the program 

30 terminates and a return to the Operating System occurs. 

Referring to Fig. 9, after the activation 
number A 2 to A, is inputted to the computer 10 by the 
user 40, as indicated at 130, check digits A* 8 and A a 9 are 
calculated (in the same way check digits Ag and A<, were 

35 calculated) and compared with digits A 8 and A$, as 

indicated at 132 and 134 respectively. If As « A* 8 and 
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A$ = A* 9 , then the program proceeds to a calculation of 
A\, a\, and A* 7 (in the same way A 2 , A*, and A 7 were 
calculated) and a comparison made with A^ 2^, and A 7 , as 
indicated at 136 and 138 respectively. If Aj = A 1 2 , 
5 = A* 6 , and A 7 = A^, then A M Ag, and A^ are extracted 

from the activation number. Balance 1 is set equal to 
the sum of the digits of the validation number, and 
Balance 2 is set equal to A 3 (Aj) + As, as indicated at 
140, 142, and 144 respectively. A,, is abstracted from 

10 the validation number. If A4 is greater than or equal to 
5, then the derived balance number is equal to Balance 1 
less Balance 2, as indicated at 146. Otherwise, the 
derived balance number is equal to the sum of Balance 1 
and Balance 2, as indicated at 148. 

15 Referring to Figs. 10 to 14, the derived 

balance number is used to encrypt and write to the hard 
disk drive 20 the thumbprint in a thumbprint format, 
indicated at 209 in Fig. 11, and the productprint 
(containing the publisher's product identification 

20 number in a productprint format) , illustrated at 221 in 
Fig. 12, contained within a cluster of perhaps 4 sectors 
28 (2048 bytes), as seen in Fig. 13. The thumbprint 150 
is contained within one of the sectors (512 bytes) . 

As indicated at 160 in Fig. 10, the program 

25 first checks for whether a thumbprint 150 exists* If it 
does, it is then updated for a new productprint, as 
indicated at 161, and a random number generator is run 
to determine randomly a "pointer" start position, as 
indicated at 163. If it doesn't, a thumbprint 150 must 

30 be generated. This is done by running a unique random 
number generator for the "pointer" portion 154 (right 
side 256 bytes) of the thumbprint area 150, as indicated 
at 162, running a non-unique random number generator for 
the "data" portion (left side 256 bytes) of the 

35 thumbprint area 150 and the 3 sectors for productprints, 
as indicated at 164, and running a random number 
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generator to determine randomly a "pointer" start 
position, as indicated at 166, 

Referring to Fig. 11, the thumbprint is 
assembled in the area 150 in a format, indicated at 209, 
5 of perhaps 35 bytes including (1) the authorizer's 
signature (16 bytes) , illustrated at 22 6, (2) the 
customer identification number (4 bytes) , illustrated at 
210, (3) the number of products for this customer number 
(2 bytes, based on how many productprints have been 

10 written), illustrated at 212, (4) a productprint 

encryption key (2 bytes, a random number used to encrypt 
the productprint by a suitable conventional process) , 
illustrated at 214, (5) the 4 -byte internal machine 
characteristic data, illustrated at 216, (6) four 

15 pointers (1 byte each), illustrated at 218, used for 

recovery of the TP/PP in track zero since they identify 
4 particular sectors previously allocated by the 
operating system therefor, and (6) a check sum (3 
bytes), i.e., which is derived by the modulus 256 

20 process as previously discussed, illustrated at 220. 

Referring to Fig. 12, the productprint, 
encrypted by encryption key 214 and then XOR'd to 
reverse bits in accordance with principles commonly 
known to those of ordinary skill in the art to which 

25 this invention pertains, is assembled in the area 152 in 
a format, illustrated at 221, of perhaps 11 bytes 
including (1) product identification (2 bytes) , 
illustrated at 222, (2) "try & buy" indicators (3 
bytes), illustrated at 223, (3) network indicators (3 

30 bytes) , illustrated at 224, and (4) a check sum (3 
bytes), illustrated at 225. The "try & buy" and 
"network" indicators 223 and 224 respectively will be 
discussed hereinafter. It should be understood that 
these indicators 223 and 224 are optional and need not 

35 be provided if the software package is not to have these 
features . 
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In order to determine if a software program is 
authorized or "maximum" users in a network are exceeded, 
the embedded software about to execute on a "node" is 
programmed to communicate back to the client server or 
5 peer-to-peer node to obtain authorization prior to 

executing. Character 6 in the "network" indicator 224 
is a "type of network" designator, i.e., perhaps using 
the characters "N" for Novell, "B" for Banyan, "W" for 
Windows, "L" for Lantastic, and "A" for "not 

10 applicable." Characters 7 and 8 contain the maximum 

number of users allowed concurrently. If character 6 is 
"A" or another character indicating that the software 
contains no provision for network use, then characters 7 
and 8 are random digits. 

15 The thumbprint 209 also contains the 

preselected signature (16 bytes), illustrated at 22G, 
which is a set of characters which are the same for each 
item of software 18. The preselected signature 226 may 
be determined randomly or in any other suitable way. 

2 0 For example, the signature may be generated by beginning 
with 2 8 and adding 91 (if the sum is greater than 255, 
then 255 is subtracted to get the number) until the 16 
characters are generated. It is this signature which 
must be retrieved by the program 18 before execution of 

25 the software is permitted. 

Referring to Figs. 13 and 14, the numbers 
. generated in the pointer portion 154 of 256 bytes are 
random and unique , i.e., each number appears only once . 
Thus, in the example of Fig. 12, the first 6 bytes 

30 randomly contain unique numbers 56, 1, 14, 255, 48, and 
4. A start-point byte is randomly selected, for 
example, at the third byte, indicated at 158, containing 
the number 14 . 

The 35 (or more) bytes of the thumbprint 209 

35 are scrambled or randomly scattered in the "data" 

portion 156 as controlled by the "pointer" portion 154. 
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Thus, to assemble the thumbprint data, as indicated at 
168, the start -point byte 158 determines the byte- 
position of the first byte of the thumbprint , i.e., byte 
number 14 in the "data" portion. The next pointer byte 
5 containing number 255 determines the byte-position of 
the second byte of the thumbprint, i.e., data portion 
byte number 255. The locations of the remaining 
thumbprint bytes are determined similarly, and the 
remaining or unused bytes in the "data" portion retain 
10 their randomly -generated numbers. 

The program 18 proceeds to decompose the 
validation and activation numbers and obtain a derived 
balance number, as previously discussed relative to Fig. 
9, which is used to encrypt the TP/PP, as illustrated at 
15 174, by any suitable encryption method. For example, 

each encrypted byte may be used to encrypt the next byte 
in a ripple effect. 

After the thumbprint is assembled or updated, 
the productprint data is assembled, as indicated at 170. 
20 New check sums are calculated and stored for the TP, PP, 
and cluster, as indicated at 172, followed by encrypting 
the PP with the randomly generated number in the TP 
(then XOR'd) and the TP/PP with the derived balance 
number, as indicated at 174. It is this encrypted TP/PP 
25 which is then written to the hard disk drive 20, as 
indicated at 176 . 

For execution of the software 18, the program 
effects decryption using the predetermined balance 
number. If the predetermined balance number is the same 
30 as the derived balance number (meaning that the 

validation and activation number set was correctly 
decomposable to yield a derived balance number which is 
equal to the predetermined balance number) , then the 
preselected signature 226 as well as the remainder of 
35 the TP/PP will be retrieved. If the derived balance 
number is not the same as the predetermined balance 
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number, the decryption will not yield the preselected 
signature 226 , and the program 18 will not be executed. 
To throw a hacker further off guard, the application 
software is preferably decrypted and re- encrypted on the 
5 fly# i.e., as it is being run. 

The predetermined balance number is suitably 
encrypted in object code which is given to the publisher 
to embed in the program 18, using principles commonly 
known to those of ordinary skill in the art to which 

10 this invention pertains. A The publisher may not 
therefore know the balance number. A series of 
confusing processes are used, in accordance with 
principles commonly known to those of ordinary skill in 
the art to which this invention pertains, to deny access 

15 to the predetermined balance number to the user or a 
hacker . 

Due to the pseudo- random nature of the 
validation and activation codes, different validation 
and activation numbers are obtained each time software 

20 is installed on the same computer, and these numbers 

disappear once the derived balance number is obtained. 

In order to allow a potential customer to "try 
and buy", the software 18 is preferably programmed to 
allow activation then shut down (or provide a "nagging" 

25 message periodically) after a number of uses and/or 

number of days, as specified in the productprint 223. 
This would allow software to be, for example, placed on 
a bulletin board, downloaded, activated, and tried for a 
period of time, as specified by the publisher, and then 

3 0 be purchased during a brief telephone call to the 

activation center. The publisher selects the "nag" or 
"shutdown" version prior to package embedding. 

Referring to Fig. 12, character 3 of the "try 
& buy" indicator 223 is an indication of whether or not 

35 the activated package has been purchased. If it has, 

character 3 may, for example, be a "P" for "purchased. 11 
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If it is in "try" mode, character 3 may be a character 
which indicates either "nag" (continue to operate when 
the specified number of units of time and "tries" have 
been used, but a reminder message on a regular basis) or 
5 "no nag" (shut down when the specified number of units 
of time or "tries" have been used) . Character 3 also 
specifies the unit of time, i.e., seconds, minutes, 
hours, days, or months. Character 4 indicates the 
number of units of time allowed, and character 5 

10 indicates the number of tries allowed. If character 3 
contains a "P, " then characters 4 and 5 are random 
characters. When the user purchases the software, 
character 3 is changed to the "buy" character. 

Referring to Fig. 6, the following is an 

15 alternative method for implementing the "network" and 
"try & buy" features. Instead of listing a check 
digit, D 5 is selected to provide information relative to 
which of these features is to be implemented to be 
passed from the user 40 to the operator 50 (or between 

20 the respective computers) encoded within the digit D 5 . 

The software 18 is programmed to check for the "network" 
and "try & buy" states and select a digit D 3 indicative 
thereof. The possible states for each feature are "yes" 
and "no." If the feature is not included as an option 

25 for the type of software, it is "inactive." For 
example, the digit D 5 may be selected as follows: 
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Network 


Try & Buy 


D 3 


state 


state 




No 


No 


1 


No 


Yes 


2 


Yes 


No 


3 


Yes 


Yes 


4 


Inactive 


Inactive 


0 



10 Thus, D 5/ in this embodiment would not be a check digit 
but would be a digit selected to represent the "network" 
and "try & buy" states. 

When the operator 50 enters this digit D 5 as 
part of the validation number, the computer 60 is 

15 programmed to update its information database 63 

appropriately to reflect the user's "network" and/or 
"try & buy" implementation. 

As previously discussed, the pseudo- random 
encrypting of the validation and activation numbers and 

20 the random scattering of the thumbprint /productprint 
information provides numbers which appear to be 
meaningless and would not be expected to be decoded by a 
hacker even by the sophisticated programs and techniques 
currently in use. The maintenance of the program for 

25 generating the activation number at the activation 

center is inaccessible to the user and maintains secure 
that information which is needed to decode the 
activation number. The process of the present invention 
therefore does not require hiding of codes within the 

3 0 software. 

Even if the hacker were successful in 
determining the derivation of the validation number and 
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the non -random activation number digits from the 
validation number, he or she may still be stumped by a 
failure to realize that the group of randomly generated 
digits Ag, A 2 , ^5 must have balance relative to the digits 
5 of the validation number. Thus, a set of random digits 
A 3 , A 2 , A^ will not allow correct installation of the 
software 18 unless the derived balance number is the 
same as the predetermined balance number. This "balance 
number" approach uniquely provides with the encrypted 

10 number generation a two-piece approach which is not a 
simple comparison which can be branched around by a 
hacker. Thus, even if the hacker is able to 
successfully break the code and generate an activation 
number which will cause an encrypted TP/PP to be 

15 written, his failure to select a set of random digits 
which will provide the predetermined balance number 
still prevents execution of the software since, upon 
decryption, the preselected signature cannot be located. 

Thus, although a method for authorizing the 

20 use of a software package on a particular computer 

system is provided by the present invention so as to be 
virtually impossible, given the current state of the 
art, to decode or reverse engineer, the process is made 
convenient and easy for the software user, i.e., he or 

25 she need only make a phone call and follow some easy 

directions. With modem- to -modem communication, personal 
communication with an activation center operator is not 
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even required. Further, the unchanging and unique 
nature of the computer characteristics on which 
authorization is based allow the authorization process 
to be reliable, i.e., an authorization on one machine 
5 does not include others, and the user can be assured 

that the authorization will not be lost just because the 
computer characteristics may have changed since 
authorization. 

Although the invention has been described in 
10 detail herein, it should be understood that the 

invention can be embodied otherwise without departing 
from the principles thereof, and such other embodiments 
are meant to come within the scope of the present 
invention as defined in the appended claims. 
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What is claimed is: 

1. A method for authorizing use of software on a 
computer comprising the steps of : 

5 a. programming the software to encrypt and 

output to the user of a computer a first number derived 
from information received by the software from the 
computer of at least one characteristic of the computer 
providing an unchangeable and unique identification of 

10 the computer; and 

b* Operating an other computer thereby 
encrypting a second number derived from the first number 
for input to the user's computer to allow use of the 
software on the user's computer only if a predetermined 

15 relationship exists between the first and second 
numbers . 

2 . A method according to claim 1 further 
comprising selecting the at least one computer 

2 0 characteristic from the group of computer 

characteristics consisting of the serial number of the 
disk drive, the BIOS data from ROM, the number of 
sectors per track of the hard disk, the number of heads 
of the hard disk, and the number of cylinders of the 

25 hard disk. 
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3. 



A method according to claim 2 comprising 



10 



15 



20 



programming the software to encrypt the first number 
from information as to all of said group of computer 
characteristics . 

4. A method according to claim 2 comprising 
programming the software to encrypt the first number 
from information as to the BIOS data from ROM, the 
number of sectors per track of the hard disk, the number 
of heads of the hard disk, and the number of cylinders 
of the hard disk. 

5 . A method according to claim 1 comprising 
securing information relative to the process for 
encrypting the second number from access thereto by the 
user, 

6. A method according to claim 1 comprising 
encrypting the second number pseudo- randomly, 

7. A method according to claim 1 further 
comprising programming the software to encrypt the first 
number from the serial number of the hard disk, 

8 . A method according to claim 1 further 
comprising programming the software to provide an option 
to the user of the computer for trial of the software 
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for a specified period such that a new authorization for 
use is required after the trial period is concluded. 

9. A method according to claim 1 further 
5 comprising programming the software to allow the 

authorization for use of the software to cover a 
specified number of computers in a network. 

10. A method for authorizing use on a computer of 
10 software which has been programmed to output to the user 

of a computer a first number derived from at least one 
characteristic of the computer, the method comprising 
operating an other computer thereby encrypting for 
inputting to the user's computer a second number derived 

15 from the first number and including at least one 

randomly generated digit which, when a predetermined 
mathematical operation is performed on said at least one 
randomly generated digit and on at least one of the 
digits of the first number, yields in the user's 

20 computer a derived balance number used to encrypt a 

preselected signature in the user's computer whereby the 
software may be used in the user's computer upon use of 
a predetermined balance number equal to the derived 
balance number to retrieve the preselected signature by 

25 decryption thereof. 
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11. A method according to claim 10 further 
comprising selecting the predetermined balance number to 
be a prime number. 

5 12 . A method according to claim 10 comprising 

securing information relative to the process for 
encrypting the second number from access thereto by the 
user. 

10 13. A method according to claim 10 comprising 

encrypting the second number pseudo- randomly. 

14 . A method for authorizing use of software on a 
computer comprising the steps of: 

15 a. programming the software to output to the 

user of a computer a first number derived from at least 
one characteristic of the computer; and 

b. operating an other computer thereby 
encrypting for inputting to the user's computer a second 

20 number derived from the first number and including at 
least one randomly generated digit which, when a 
predetermined mathematical operation is performed on 
said at least one randomly generated digit and on at 
least one of the digits of the first number, yields in 

25 the user's computer a derived balance number used to 

encrypt a preselected signature whereby the software may 
be used in the user's computer upon use of a 
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predetermined balance number equal to the derived 
balance number to retrieve the preselected signature by 



10 



15 



20 



decryption thereof . 

15. A method according to claim 14 further 
comprising programming the software to write information 
including said preselected signature encrypted by the 
derived balance number in the hard drive of the user's 
computer. 

16. A method according to claim 15 further 
comprising programming the software to scatter the bytes 
of said encrypted information among randomly- generated 
bytes . 

17. A method according to claim 14 further 
comprising programming the software to write information 
including said preselected signature encrypted by the 
derived balance number in the root of the hard disk of 
the user's computer, track 0 of the first cylinder of 
the user's computer, and at least one location on the 
diagnostic cylinder of the user's computer. 

18 . A method according to claim 14 further 
comprising selecting the at least one computer 
characteristic from the group of computer 
characteristics consisting of the serial number of the 
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10 



15 



20 



25 
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hard disk, the BIOS data from ROM, the number of sectors 
per track of the hard disk, the number of heads of the 
hard disk, and the number of cylinders of the hard disk. 

19 . A method according to claim 14 further 
comprising selecting the at least one computer 
characteristic to provide an unchangeable and unique 
identification of the computer. 

20. A method according to claim 14 further 
comprising programming the software to receive 
information relative to the at least one computer 
characteristic from the computer. 

21. A method according to claim 14 further 
comprising programming the software to provide an option 
to the user of the computer for trial of the software 
for a specified period such that a new authorization for 
use is required after the trial period is concluded. 

22 . A method according to claim 14 further 
comprising programming the software to allow the 
authorization for use of the software to cover a 
specified number of computers in a network. 

23 . A method for authorizing use of software on a 
computer comprising the steps of: 
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a. programming the software to 
pseudo- randomly encrypt and output to the user of a 
computer a first number derived from information 
received by the software from the computer of at least 

5 one characteristic of the computer; 

b. inserting the software in the computer 
and operating the computer to obtain the first number; 

c. operating another computer thereby 
pseudo -randomly encrypting a second number derived from 

10 the first number and including at least one 

randomly- generated digit which, when a predetermined 
mathematical operation is performed on said at least one 
randomly generated digit and on at least one of the 
digits of the first number, yields a derived balance 

15 number ; 

d* inputting the second number to the user's 

computer; 

e. operating the user's computer thereby 
obtaining the derived balance number; 
20 f. operating the user's computer thereby 

assembling information including a preselected 
signature ; 

g. operating the user's computer thereby 
encrypting the assembled information using the derived 
25 balance number; and 

h* operating the user's computer thereby 
writing the encrypted assembled information to the 
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user's computer whereby the software may be used in the 
user's computer upon use of the predetermined balance 
number to retrieve the preselected signature by 
decryption thereof . 

5 

24. A method according to claim 23 further 
comprising connecting the user's computer and another 
computer by modems for communication between the user's 
computer and the another computer. 

10 

25. A method according to claim 23 further 
comprising selecting the predetermined balance number to 
be a prime number. 

15 26. A method according to claim 23 further 

comprising operating the user's computer thereby writing 
the encrypted assembled information including the 
preselected signature to at least one location in the 
root of the hard disk drive, track 0 of the first 

20 cylinder, and at least one location on the diagnostic 
cylinder. 
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